package com.source.security.config;

import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * @Author wengqy
 * @Date 2021/1/27
 */

@Configuration
public class MysecurityConfig  extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().antMatchers("/","/login").permitAll()
                .antMatchers("/level1/**").hasRole("vip1")
                .antMatchers("/level2/**").hasRole("vip2")
               .antMatchers("/level3/**").hasRole("vip3")  ;

        http.formLogin().usernameParameter("uname").passwordParameter("pwd").loginPage("/userlogin");
        http.logout().logoutSuccessUrl("/"); //.logoutSuccessUrl("/");//注销成功以后来到首页

        http.rememberMe().rememberMeParameter("remeber");
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {


        auth.inMemoryAuthentication().withUser("zhangsan").password("123456").roles("vip1","vip2")
                .and().withUser("lisi").password("123456").roles("vip2","vip3").and()
                .withUser("wanghu").password("123456").roles("vip1","vip3");
    }
}
